Threat Intelligence Analyst
ReliaQuest
IT
London, UK
Posted on Apr 11, 2025
Why it’s worth it:
The ReliaQuest Threat Intelligence team provides timely, comprehensive intelligence that empowers high-fidelity detections, identifies known and emerging threats, and equips our customers with the knowledge to act decisively. Via our industry-leading security operations platform, GreyMatter, we produce operational, strategic, and tactical intelligence that delivers actionable insights into threat actor tactics, techniques, and procedures. Beyond this, we act as a thought leader in cybersecurity by offering original insights that highlight our expertise in detecting, containing, investigating, and responding to adversaries. If you thrive in a high-performance environment, this role will challenge you to push your boundaries, innovate continually, and operate at pace.
The everyday hustle:
Identify and evaluate trends, dynamics, and developments in the cyber threat landscape by conducting primary-source research and analyzing telemetry.
Maintain the GreyMatter platform’s threat intelligence library by writing timely, accurate, and relevant customer-facing deliverables covering threat actors, vulnerabilities, campaigns, and malware.
Supply intelligence to internal teams to enrich our threat detection, containment, investigation, and response capabilities.
Conduct investigations to support fast-turnaround and long-form customer requests for information, including in incident response scenarios.
Publish emergency customer advisories to alert on impactful developments requiring immediate action.
Carry out research and operations on the clear, deep, and dark web, including active threat actor elicitations.
Propose and author extended original research projects to strengthen ReliaQuest as a trusted voice and leader within the threat intelligence community.
Act as a trusted technical advisor to customers in ad hoc meetings and regular business reviews, understanding their unique environment and challenges to optimize their cyber resiliency.
Do you have what it takes?
3-4 years’ experience of working in cybersecurity and/or cyber threat intelligence
A relevant bachelor’s degree (e.g., languages, computer science, cybersecurity, international relations, political science), equivalent education, or appropriate professional experience
Knowledge of cyber adversary tactics, techniques, and procedures (TTPs)
Proficiency in conducting technical and tactical investigations into atomic IOCs, threat actor methodologies, malware, and vulnerabilities
Familiarity with the intelligence cycle, structured analytical techniques, and appropriate analytical frameworks (including Cyber Kill Chain, Diamond Model, MITRE ATT&CK)
Capacity to read security logs and code to understand the content and context
Strong analytical skills, a demonstrated writing ability, and excellent verbal communication
Experience working in online intelligence investigations and analysis, including strong OSINT skills
Ability to deliver at pace, find solutions, and adapt in a constantly evolving organization
What makes you uncommon?
Understanding of cybersecurity and IT disciplines including networking, operating systems, authentication protocols, security incident response, and enterprise technical security solutions (SIEM, IDS/IPS, firewall solutions, offensive security tools)
Basic knowledge of Linux/Unix operating systems
Certifications such as Network+, Security+, CySA+
Experience with scripting or programming, including malware reverse engineering
Professional-level foreign language skills, preferably Russian, Farsi, or Chinese
Data or statistical analysis skills
Familiarity with open, deep, and dark web cybercriminal marketplaces and forums
Experience of online HUMINT operations and/or social engineering techniques
